Netgate pfSense Reviews

We use pfSense as the primary firewall for our data center. 

We have a high availability setup, so we have had no downtime. PfSense gives us metrics about how the firewalls perform in terms of CPU, memory, etc., but I don't think it tells us how to address it. If we have an issue, we can always open a support ticket.

I find pfSense easy to use and configure. We have a high-availability pair, so if one has issues, it will failover to the other automatically. Overall, it's been pretty easy to build VPN tunnels and functions like that.

I don't think pfSense is as good about monitoring as it could be. There are logs, but they're kind of hard to get to. You need to send it to a log monitoring system. It's good about monitoring and learning this. You'll get an alert if there's an issue with the firewall itself, but it's not detecting security attacks. 

PfSense has the bare necessities essentially, but it isn't an advanced firewall that protects against layer 7 attacks or DDoS. It's not on the same level as Palo Alto, for instance. You can add some higher-level security features, but it doesn't do that out of the box. Maybe there's another functoin we can add to it, but it feels like it's not catching more advanced attacks.

We've used pfSense for around five years.

The stability has been great. We've rarely had any issues that have caused a failover. When we do, the failover has made it. I don't think we've experienced any real impact from it that caused any product issues. 

While we've added more IP addresses and traffic, there are some limits to its scalability. We've run into this before with graphical issues. We opened a ticket about that, and they said they found a bug that they were looking into. 

I think we're going to get close to reaching a limit with the mid-to-lower-end models at some point. The scalability is good but probably not great.

Their response has been excellent. Sometimes we've opened a ticket, and we've gotten a response back right, other times it took an hour or so. They're responsive now. 

In terms of the quality of their answers, they have been good to great. 

Positive

At previous companies,  I have worked with Cisco and Palo Alto firewalls. Palo Alto is probably a better firewall because it does more blocking. It's also quite a bit more expensive. For what you get, a Netgate pfSense solution is a highly cost-effective firewall.

It was in place when I joined the company, so I wasn't involved in the deployment. It requires some maintenance, like adding new firewall rules or VPN connections. We also upgrade it once or twice a year. 

Including the support costs and the hardware, I think pfSense is reasonably priced. It's very affordable. The total cost of ownership is favorable. We've had a hardware device that lasted over five years, and they're still doing well. We're able to buy at least software support for them.

I rate Netgate pfSense seven out of 10. If you have an enterprise environment, I recommend having two for high availability. Make sure you purchase and keep up with the software support in case there are any issues. Those are the two biggest things that helped us out. 

I recently started using pfSense to secure my home network. As an IT consultant working remotely, I needed better security than my router offered. I run servers in a lab environment to demo software for clients, and in my previous consulting role, I managed networks for companies of all sizes, some with hundreds of thousands of devices. Since we can't modify a client's environment directly, having a secure home lab for testing is crucial. pfSense allows me to segment my network and use a VPN for secure remote access, offering more functionality than my previous setup. While a free version exists, I opted for the convenience of a pre-configured appliance.

pfSense surprised me with its ease of use, even though it's powerful enough for corporate environments. Unlike my previous complicated Cisco firewall that now collects dust in the garage, pfSense offers the flexibility and functionality I need.

pfSense offers a default rule that allows all traffic initially. While I prefer to block everything by default and only allow specific traffic, this approach led me to accidentally lock myself out of the firewall during configuration. The device functioned as intended, following my overly restrictive rule. Resetting to factory settings was a learning experience, and now I understand how to avoid self-imposed lockouts. After diagnosing my initial setup issues, I successfully corrected them and implemented filters that boosted our internet speed. This experience made clear the benefit of pfSense for our network.

The firewall acts as my first line of defense against data loss by controlling incoming and outgoing traffic. Additionally, I keep my devices updated with security patches and utilize application whitelisting, which restricts programs to those from approved vendors with verified digital signatures. This helps prevent unknown malware from executing on my system. While demonstrating data loss prevention for a government agency, I encountered a connection hurdle between my devices on different subnets. Realizing a firewall was blocking communication, I opened the necessary ports to allow the connection. This highlights the firewall's role as a first line of defense. Even if one device is compromised, the firewall helps prevent the attack from spreading to other segments of the network. However, it's important to remember that the subnet itself remains at risk, which is why I also use local firewalls on individual devices for additional protection.

When it comes to the firewall functionality of pfSense, it does provide a single-pane-of-glass to manage everything.

The most valuable aspect of pfSense for me is its firewall functionality. It allows me to set up different networks, and VLANs, and control how subnets communicate with each other, all the way down to individual nodes. This granular control is very important for my network security. Additionally, pfSense offers a variety of alternatives like VPN that I haven't explored yet, but my top priorities are the firewall features that protect my network from external threats and allow me to segment internal traffic. I also use the filter feature to filter internet ads and adult content. The filter list depends on someone keeping it updated, but the community has been great for this and it makes my internet browsing much faster because all the junk ads are blocked. 

pfSense would be much more efficient if it allowed exporting the entire configuration of a device after it's been set up. This way, the configuration could be easily imported onto another device, saving time and effort.

I have been using Netgate pfSense for one year.

Netgate pfSense is stable with zero downtime related to the firewall.

Netgate pfSense can scale at an enterprise level.

Cisco's firewall device proved too complex for me, ending up unused in my garage. Thankfully, pfSense offered a much more user-friendly experience.

pfSense deployment was straightforward thanks to the available documentation and video tutorials, although I did lock myself out once due to user error. While IT professionals might not always consult the manual first, pfSense helpfully allows saving configurations without immediate application, a feature that would have prevented my mistake. Learning from this experience, I now know how to leverage the provided resources for a smoother pfSense deployment process.

I did the deployment myself but someone who is not an IT person will require the help of an integrator or consultant.

I deployed pfSense in two and a half days. It included setting up VLANs for different purposes like a DMZ, server LAN, user devices, guest network, and VMware management. I also configured a firewall with rules to isolate these networks and implemented an IPSec VPN to filter out ads and malicious sites.

The implementation was completed in-house.

pfSense offers a surprisingly affordable enterprise-grade solution for small businesses. While my own pfSense 6100 costs $700, the value it provides makes it a very cost-effective purchase.

I would rate Netgate pfSense nine out of ten.

Other than installing updates, pfSense has not required any maintenance.

Before configuring your network devices, plan out your network segmentation. This written plan will guide how you set up VLANs, servers, DHCP scopes, and DNS. Think of it as a blueprint for your network design. While implementing the plan on a Netgate device or pfSense might be straightforward, without a clear strategy, you'll be overwhelmed by the available features. 

We deploy the pfSense firewall to our customers' networks.

The solution provides customers with reliability and additional security.

The interface is very good. The configuration options are excellent. All of its capabilities are quite useful. It's more capable than what we need it for. I like having the ability to have additional capabilities compared to others.

pfSense's flexibility is great. I would rate it pretty high based on that.

We immediately witnessed the benefits of pfSense.

The IPS intrusion protection system helps prevent data loss. It works really well. It's a little bit manual process, however, it works really well overall.

pfSense provides high availability to help minimize downtime. They all have built-in high availability, which fails over to another box.

The solution provides visibility that enables users to make data-driven decisions. That said, that's a capability that we really don't need due to how small our customers are.

The visibility in pfSense helps to optimize performance. Just being able to see network traffic and the load on the firewall on the box, or the response times from packets going back and forth is helpful. There is a lot of visibility into network performance.

pfSense does not provide a single pane of glass type of management. That's one of the biggest downfalls. We take care of more than 60 customers, so it would be nice to have the ability to have all of the pfSense boxes that we deploy under one pane of glass so we can manage them centrally. 

I've used the solution for two years. 

I've had no issues with stability; I'd rate it ten out of ten. 

While we do not scale the solution, I can see it being very scalable. 

Technical support is of excellent quality, and they have fast response times. 

Positive

We've never used any alternative to pfSense.

We're buying the machines from Netgate. It's very easy to deploy. I'd rate the ease of implementation as eight out of ten. Even if someone didn't have much experience with pfSense, it would be pretty easy.

It's low maintenance; we may only need to worry about an occasional firmware update. 

I did not use an integrator or consultant during the implementation. I handled the process myself. 

The total cost of ownership is very good. It's low maintenance. Once you get it up and running, you really don't have to touch it. It's very favorable to have the inclusion of firewall, VPN, and router functionalities.

The pricing is excellent. 

We're an end-user.

We use the pfSense Plus version. 

I'd rate pfSense nine out of ten.

New users should be aware that it is more complex than just a consumer-grade product. Users need to be prepared for a lot of features that they might not understand or know how to implement at first. Check your resources in preparation.

I use the solution in my home. It's my firewall, DNS server, DHCP server, intrusion detection server, and reverse proxy server.

The solution's web interface is very feature-rich and well-supported. There's a large community of users out there you can get to. There are many things that I'm not using at the time. It's got great support for VPNs. One of the ways that I'm using it is for VPN support as well. Netgate pfSense is a great product.

Netgate pfSense is an extremely flexible solution.

You'll see the benefits of Netgate pfSense immediately after you deploy it. The more features you use, the more benefits you get from it. I'm using the tool for VLAN support. That was something I implemented first, and it completely changed the way I was using my network. That was a real game-changer because it provided greatly enhanced security for my network and reduced the complexity of my network.

The firewall, the intrusion detection service, the VPN support, and VLAN support keep me from getting hacked and possibly having problems with ransomware and potential data loss.

pfSense Plus provides features that help us minimize downtime. You can create copies of different environments that you set up. If you want to try a setting but want to be protected from loss and downtime, you can create a copy of your current working environment.

You should try adding the new change to your pfSense configuration. If that doesn't work, you can easily go back to the working configuration with just a simple change from within the web interface. It also does automatic backups of its configuration.

The visibility of pfSense Plus helps us optimize performance. You can overcome latency issues through traffic shaping. I previously had buffer bloat issues, which I don't have currently.

If you have a slower connection, you can use traffic shaping limiters and priority queues to ensure that your VoIP traffic, internet TV traffic, or streaming traffic has enough guaranteed bandwidth. In my case, my broadband connection is wide enough, and I do not have to really use those features.

The cost of ownership of Netgate pfSense with the hardware cost was about $ 350.

It would be nice for the code optimization to run on even slower processes. It's optimized quite a bit, but there's always room for improvement.

I have been using Netgate pfSense for two years.

We haven’t faced any issues with the solution’s stability.

From my point of view, the solution's initial setup is pretty easy. Many YouTube videos are out there to help you get it up and running. There's a lot to try, a lot of things to do, and a lot of technology to play with, but I'm afraid I'm a bit of a tinkerer. To do what I initially wanted, I probably spent a day.

I would like to see the solution's price reduced.

There is some complexity to adding features to pfSense and configuring them. I would not say it's extremely complex, but it's got a high degree of complexity.

The website is all you need to configure Netgate pfSense. If you choose to, you can use its SSH terminal interface, but that's not something that most users would do. I would think they would stick with its fully developed, mature web interface.

The solution by itself does not need any maintenance. However, if you use the incursion detection plugins, you need to make sure that those are tuned properly. That involves periodic checks and possible adjustments. New users should be prepared to learn, read the manual, and utilize YouTube resources. It'll be worth it.

Overall, I rate the solution ten out of ten.

I work in cyber security and have two instances of pfSense running in high-availability mode for my home lab and use. 

I saw it was secure immediately after deploying pfSense. I didn't need to start configuring the firewalls to make them secure. They were already configured securely after the deployment. If you want to make them more secure, you can do that.  

It provides visibility into the VLAN configurations. I can see the traffic and configurations of the table sizes, the temperature, memory usage, etc. I probably have about a hundred devices. I can see the IPs and decide what I want to connect to. 

PfSense helps to optimize performance. I've gone through some of the dashboards. I can see from the system. I'm looking at the advanced settings in the general setup. The information provides a default, maximum, or minimum in terms of some of the configuration profiles. I can do a few tweaks to get the maximum performance out of it. It's useful from that perspective. There's a lot of documentation around it and a lot of support forums. They provide a lot of guidance in terms of the configuration. 

Other firewalls I've used are difficult or overly complex to configure and don't provide the same level of control that I feel PfSense does. I wanted to go down a route where I could have full control. I like the ability to set up my firewall and access points, link everything together, and be in control of the routing.

PfSense is highly flexible. I looked at a few of the other products before I chose PfSense. From what I read, it can provide many configurations out of the box. It was easy to configure. The user interface and dashboard are informative and intuitive.

It provides a single pane of glass view from the dashboard. From the dashboard, you've got system information, traffic graphs, and information on the services and the interfaces. I can see the information and the packages from that point of view. It does provide a single pane of glass, but I think I'd like to see a little bit more configuration in terms of what else I can add in.

If you look at the pfBlocker's rules and feeds you can block, it's a little cumbersome to identify the logs and see what isn't allowed through and why.

I have used pfSense for about two years.

I haven't experienced any crashes. 

My appliance has 64 gigs of RAM and 1TB on the main disk. From that side, the performance is fine. I've not had any issues with throughput. I think the hardware and the throughput that I need complement each other. I think it seems to be fine from the scalability side. When I look at the dashboard, the CPU rarely gets above 10 percent, and the temperature stays around 30 degrees Celsius on a fan-less appliance. Memory use is low. It's handling the traffic, and I've got a gig broadband throughput, which is fine. I don't have issues with the VPNs, VLANs or performance problems with the firewall itself. 

I rate Netgate support seven out of 10. I've installed pfSense a couple of times. The most recent was about two weeks ago, and I had an issue with the installation that took me about six hours to resolve. When I raised the ticket with the help desk at Netgate, all I got was a couple of suggestions that I'd already tried, The issue I found was the installation doesn't stop to allow you to configure the interfaces or the VLANs.  I had to try several times to get the details in at the right time for the configuration - otherwise, I had to reboot and then try again. 

When I raised this with support, after I found out what the issue was, all I got from the support team was, "Glad you got it sorted." I was expecting to see a ticket raised or a request for more detail. 

Neutral

Going through the wizard is easy. I've been in IT for more than 30 years, so working through things isn't difficult. There's some complexity here and there around the firewall rules. The rules themselves and the floating rules for the firewall were a bit complicated and difficult to understand. I think some of the documentation wasn't straightforward. Once you've sorted those out, the rest of it is quite simple. The initial deployment and configuration took about four hours, and there were a few tweaks after that. 

In terms of maintenance, the only thing I do occasionally is the backup. In cases of failure, I back up the configuration, which takes the DHCP allocations and the configuration of the packages, but I do that for recovery purposes. The only other thing I do renew the certificate on the firewall via the inbuilt packages. Creating the LetsEncrypt configuration is very easy and the cron job allows the renewal to automate every 90 days. I have to bounce the firewall to pick up the new certificate which I could automate - but I like to be in control of when this is done. It would be useful to have something where I can just restart a service to get that up without having firewall downtime.

I can see why they're doing it, but there are questions about cost versus benefit for users using it at home or for a home lab. It is a useful product for securing whatever you've got behind there. I can see the benefit, but I think between the community edition and pfSense Plus, there could be something in the middle for those who don't use it for corporate reasons. They want to use it for either a home lab or just for home usage.

I'm getting an excellent product for what I'm paying annually, but if the cost increases for home usage I would reconsider. It's definitely worth it for an organization to pay a higher fee for the licenses to protect their assets, but there's also a question regarding home usage. I'm happy as long as the pricing model stays the same, but I think if it increased, I'd have to decide whether to stay with it, go to the community edition, or opt for an alternative solution. I don't run pfSense on Netgate appliances, so I'm not really tied into pfSense.

I looked at OPNsense, but I haven't spent too much time on that one. I've also used the pfSense community edition, which I used for quite some time. However, I think with the changes, support, and upgrades, it's an easy decision to move to pfSense Plus.

I rate pfSense nine out of 10. It's a good product and well-configured. It has a lot of usability, and user configuration is easy. The only thing that's lacking is around the firewall logs, which are a little bit difficult. I'd like it to be easier to access them instead of going into the Status menu and then the System Logs.

Do you have any advice for new users of pfSense? How should they prepare? What should they be ready for, for example?

The first piece of advice to new users relates to the installation. If there are any issues, think about what it's asking you. One of the issues I had was around the interface allocation. It asks you to set up the interfaces, but it doesn't stop the installation from skipping through them. If there are any issues from a configuration or an installation perspective, one thing would be to look at the boot configuration and see what's going on there.  Make sure the connections are correct to the ports and then reboot the firewall. 

Regarding the dashboard, I'm working through those and looking at the information it provides you, then going bit by bit in terms of the configuration. The hardest part that I found was the VPN. Looking at the VPN as an example and then VLANs, working through the firewall rules takes a little time, and it is quite cumbersome. Rather than setting up a lot of VLANs and doing the rules across all the VLANs, the easiest way that I found was to get one working and then copy the rules across the other VLANs.

We use the solution as the main firewall and a proxy for load balancing our web servers.

The best feature of the tool is its all-in-one capabilities. It is a firewall with built-in IDS and IPS, load balancing, and VPN connections. The VPN integration, particularly with internal AD environments, provides stable connections. Centralized authentication is a notable benefit as well. We primarily use it for these features on our server level and are planning to expand their use in our complex environment to connect employees and services. 

Netgate pfSense is cost-effective because you can start using it for free. You can research how to install and configure everything, then install it virtually on any device or partition some hardware. This allows you to start using a firewall without any initial cost.

For larger companies, if you have one or two people skilled with the tool, they can design the complete network using it. That's all you need. You don't have to invest in expensive subscriptions or big hardware setups.

My only suggestion is that Netgate pfSense implement more graphical monitoring. While there are accounts with add-ons for graphical monitoring of data networking, IPS, IDS, and firewall-level events, having more graphical representations like blocks would make the tool more capable. Although it has commercial support and a good GUI, it can still be challenging for someone without firewalls, command lines, and networking knowledge.

Adding features to the solution through packages is somewhat limited. The marketplace doesn't have as many options as you might expect.

One example is the IPS/IDS system. Netgate pfSense still uses Snort 2.9, even though version 3.0 has been out for about a year. Version 3.0 offers important improvements like multi-core support, significantly speeding up processing. The solution seems slow to update to newer versions of these third-party packages.

The tool should provide beta versions with the latest package updates sooner so users can benefit from new features and improvements.

Another issue is the lack of a package marketplace. Despite being open source and customized by many developers globally, there isn't a wide selection of community-created packages. The reasons for this aren't clear to me - it could be security concerns or other factors.

Based on my experience using Netgate pfSense for about four years, I can't say the improvements in our environment are solely due to the product. It's a combination of Netgate pfSense and another monitoring tool we use.

Monitoring is crucial. The easier the monitoring and user interface, the simpler our team can work on and investigate issues. Accessing data becomes more difficult when you use commands or other complex methods.

With our third-party tools, log viewing is very straightforward. The tool logs everything important. This was helpful when our site was slow, and we needed to determine why. The logs from Negate pfSense and our IT systems help us identify issues.

However, the solution's combination with a third-party monitoring tool provides a graphical interface. This makes it much easier to review logs and pinpoint problems.

If Netgate pfSense had a better graphical interface, it would be one of the best products available. I think the graphical interface should be much better and easier to monitor. For example, I encountered errors when I installed HAProxy, a load balancer available in the solution. It was difficult to determine the errors because the backend wasn't working properly. It took us a long time to identify the exact issue because more detailed error information isn't directly available in the current interface. You must go through different steps to trace and see what errors are coming up.

If the tool could improve in this area and provide more error details directly in the interface, that would be beneficial. As for packages, if they could update to newer versions of third-party packages more quickly, that would be helpful. I understand they might not be able to use the very latest versions immediately, but if they could provide updates within three to six months of a new package release, users could try new features sooner.

One additional feature that would be helpful is SAML authentication. Many companies now use Azure or AWS; in our case, we use Office 365 for email and authentication. If SAML authentication was available in pfSense, we could have integrated it with Office 365, allowing users to log in directly using their existing credentials.

The tool can integrate with Azure AD internally, but SAML or two-factor authentication, such as SMS, would provide better security. Firewalls are usually kept behind the scenes and not exposed, but this feature would be useful in some cases.

We've offered Netgate pfSense to many clients, managing it for them and migrating them from existing firewalls. They're generally happy with the change. However, some clients were looking for these additional authentication features. While we can integrate with Office 365, a direct connection option would be beneficial.

I have been working with the product for four years. 

I use Netgate pfSense Plus. We mainly chose it for early updates and commercial support, as advertised on their site. I've only used the support once, though. We started with the free version, which worked fine without issues. After three to four months, we upgraded to the Netgate pfSense Plus environment. Since then, it's been very stable. We've never had problems that required rolling back changes after updates. The updates are very stable - we don't have issues when we update the firewall. So overall, it's been quite stable for us.

I rate the solution's stability a ten out of ten. 

My company has five users using the solution in two locations. The solution's documentation shows that it is scalable. 

There is a lot of support material available on the Internet. You need to do some research. In my experience, I've only had to contact Netgate pfSense support once in the last four years, and that was because I messed up the operating system in our virtualized environment. 

We were previously using Cisco ASA 5500. After three years, we needed to upgrade the hardware and the subscription. At that time, we were moving from an on-premise solution to the cloud, so we decided to try Netgate pfSense. Our vendor recommended it. We wanted to get at least six months of experience with it to ensure its features were stable and it could handle higher loads without breaking. That was one of the main reasons we chose the solution.

The solution's deployment is straightforward. The basic setup took us just about two to three hours. However, designing our custom network configuration took a bit longer. Overall, we got the tool up and running in about three to four days in my environment. There were three people involved in the deployment process: myself and two other team members.

Netgate pfSense doesn't require much maintenance on our end. It's pretty smooth. We monitor alerts. When there's a new update, we test it in our staging environment to see if it affects anything. If it's smooth, we upgrade.

The tool has helped us save money. 

The tool is flexible; even the free, open-source version offers many features. From a cost perspective, even the subscription model for commercial support isn't too costly. However, it's important to have someone knowledgeable about Netgate pfSense to take advantage of it. While there are online resources, a professional or someone experienced can get much more out of the solution. I've heard that the IPS/IDS licenses and other features can be costly.

The solution is very cheap. It's so affordable that even students can use it on their laptops. It's a good, cost-effective product.

The solution has a single web interface, which you could consider a container. Within this container, there are multiple interfaces or sections. You must navigate to different settings to manage different aspects of the system.

So, while it's all contained within one web interface, you can't see or manage everything from a single screen.

I recommend the tool to our clients. We help them implement and support it. I rate it an eight out of ten. 

I've set up Netgate pfSense for my friend's law practice for his access to VPN after the AT&T service dropped their FortiGate. It was so much easier to use. The VPN and VLAN support I needed that Meraki and AT&T tried to give me was crap. I also use Netgate pfSense at home as my router or office network.

I also have the tool set up for a remote person in Texas for a site-to-site VPN when she needs it to do some work. I've currently got three of them that I use personally and professionally.

I love the solution's flexibility. You can buy their hardware, get support, and use other people's hardware. Netgate is constantly releasing patches and updates, which is nice. There is also tons of free material on the web and on YouTube on how to set it up.

We saw the benefits of Netgate pfSense within weeks of deploying it because it gave me the ability to segment my network quickly. It was pretty straightforward and much easier than some of the competitors out there.

Netgate pfSense gives me a single pane of glass management. It gives me everything I need with regard to the firewall.

Netgate pfSense Plus provides features that help us minimize downtime. The ability to do high availability and failover of LAN links is a nice feature.

The visibility that pfSense Plus provides helps us optimize performance. I can see traffic analysis and tune it a little better.

I'd say the solution's total cost of ownership will replace itself within a year. The stability of being able to download a different package if someone needs it has made my life a lot easier.

Some of the functions are not menu-driven. You have to know to click here, then go over to this setting and click here. 

It would be nice if the solution had a wizard for some of the complex functions. When trying to walk people through something, I have to look at the video or read their document.

I have been using Netgate pfSense for three years.

I haven't had any stability issues with Netgate pfSense. The tool might get bogged down if I add more things. I still reboot mine once a month. Other than that, I haven't had any crashes.

It'd be nice if I could add memory to their appliances to improve their performance. Scalability, to me, is really another hardware device. I haven't seen an option to change the hardware.

The solution's technical support team is very responsive. Regarding the quality of their answers, the support team is excellent and very knowledgeable.

Positive

We had the FortiGate firewall that AT&T was providing, which they discontinued. Unfortunately, their replacement was less compatible than the FortiGate, so we jumped to Netgate pfSense. We were doing managed services at AT&T. I dumped their managed service at my firewall because Netgate pfSense was so easy to use.

Since I've been in IT for years, the solution's initial setup is simple for me. If you have a device that doesn't have a keyboard and you're using a serial console, it's a little bit kludgy on what to do. You can figure it out if you read the documents ahead of time.

Deploying the solution for my home use took me about a day and a half. It was all about design and learning all the functions. Deploying the solution for the business took me about two weeks because I had to figure out all the rules. Software-wise, it was easy, but we had to figure out what the customer wanted.

The solution's pricing is comparable to other products. The basic plan provides the support I need.

Depending on what you're trying to do, adding and configuring features to Netgate pfSense is somewhere in the middle between easy and difficult. Some things are really simple, while others are difficult.

Remembering everything you have to do is challenging because sometimes you have to click somewhere, and then you don't remember where you clicked. So, it'd be nice if everything was better tied together.

I initially started with the free version on third-party hardware, and then they discontinued it, so I just bought the appliance.

I prefer to do manual updates myself, but the solution lets me know if there's an update. I regularly do firmware updates when they are available.

The solution provides great support, articles, and a lot of documents.

New users should document what they want to do upfront and then try to look at all the documents on the Netgate site. My biggest advice would be not to try to do it cold. If you're going to use the VLANs, figure out all that information for your routing. If you don't have a document, you won't be able to implement it very easily.

Overall, I rate the solution a nine out of ten.

I primarily used the solution to replace Cisco, which was horrible. I wanted something super simple. We needed something that would make the change process within my network easier.

I started with a small trial when I wanted to replace my Cisco switches. I liked that this was open source and I was able to test a few things. The capabilities of configuration made it so that I didn't have to test other options and I could translate my configuration the way I wanted to.

It's easy to configure segments in a network and the routing is good. 

It is super robust. The flexibility is great. It's the main reason I switched off of Cisco. Everything is very intuitive.

I have a pretty complex network. With this, I can do some segmenting. I can have specific firewall rules to make my network as secure as possible.

It's so easy to use. I use the VPN features a lot. It's great.

It's simple to add features. There's lots of documentation and Youtube guides to help you. I did not need specialized training thanks to this knowledge base. As long as you have a background in networking, it's pretty straightforward.

You can add other software packages to pfSense.

Between the free and paid versions, I do not see something that would make one better than the other. However, I bought the pfSense appliance to ensure I had a nice piece of hardware to save and protect my network.

pfSense does provide good visibility into my network so that I can make data-driven decisions. If I need to troubleshoot anything, I can go and look at the data, the statistics, and the graphs. I don't do this daily; I do it only if I notice strange behavior. 

It helps us optimize performance - especially in terms of internet use.

While the software is great, they could work on improving the hardware. The interface is a little bit sluggish. When I installed it on a random computer, the performance was pretty crisp. However, on the device itself, it's slower. I'd like to see them decrease storage and increase speed. With storage, you can always add more. However, you cannot make CPUs faster. 

I've used the solution since September 2022.

I've never experienced any crashes. It's quite stable. 

It's a pretty beefy appliance. That said, thus far, I have no need to scale. At the time, I went with the biggest offering they had in terms of appliance size. 

I've only contacted technical support in order to get a device replacement. I've never experienced any issues. 

I previously used Cisco. It was difficult.

The initial setup is moderately easy. I struggled a bit. It's a bit tricky at first.  However, within a couple of months, I had a really good setup. Now, it's working flawlessly. The deployment took a few months. The first month was a lot of troubleshooting. By the second month, I was fine-tuning. By the third month, it was completely up and running. 

There isn't too much maintenance. The device is almost maintenance-free. Every once in a while, there are updates. The backup is automatic after configuration. I don't have to worry about that.

I handled the setup by myself. 

The pricing is good. I'm not locked into any kind of subscription. Since I bought the appliance, I have it until it breaks. 

I'd rate the solution eight out of ten. 

I wouldn't recommend pfSense to somebody who has no limited network. While pfSense, for me, was pretty easy to set up, it does have so many features that you could easily get confused. I would recommend it to anybody with experience as a network engineer, not just a beginner.